In this guide you can enable attack notification in FastNetMon. This guide assumes that you configured InfluxDB properly using Visual Traffic guide.
Please upgrade FastNetMon to version 2.0.129 to use it for BGP blackhole and BGP Flow Spec.
It will look like:
Please open any dashboard where you need this information (we suggest using “FastNetMon Advanced Total traffic”). Then find button with gear sign on top of screen and press it.
Then select “annotations” on left panel and press “Add Annotation Query” button.
Name: FastNetMonAttacks Data source: InfluxDB
select title, tags, text from events where $timeFilter
Text: text Tags: tags
And save all changes with “Save” button on left side.
You need to use following mode from FastNetMon to enable this feature :
sudo fcli set main influxdb_attack_notification enable sudo fcli commit
Finally, please test integration using ban function for some test IP address (be careful, FastNetMon will block it!):
sudo fcli set blackhole 126.96.36.199